Motion-triggered biometric system for access control

ABSTRACT

A system and method for regulating access to a computing device, wherein a motion detector detects motion near the computing device and triggers an imaging device to receive an image, which is then analyzed to identify any people in the image. If at least one person in the image is not an authorized user, the computing device is locked or disconnected from the Internet.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation in part of application Ser.No. 15/213,015, filed Jul. 18, 2016, which is a continuation ofapplication Ser. No. 14/547,135, filed Nov. 19, 2014, which takespriority from Provisional Application No. 61/907,383, filed Nov. 21,2013, which is herein incorporated by reference.

BACKGROUND

Restricting access to a computer system to authorized users is animportant and serious problem. Passwords are most commonly used, butthey are highly vulnerable to hacking. Physical objects such as cards orkeys can be lost or stolen and used by an unauthorized user. For thesereasons, many computers, smartphones, and similar devices now usebiometrics to identify authorized users. Such biometric access controldevices may use fingerprints, face or voice identification, or evenheartbeat.

One other advantage of biometric access control systems is that they aremore invisible to the user than a password or key. Instead of entering acomplicated password or using a key, the user's face or any otherbiometric parameter may be identified without the need for the user totake any sort of action.

This renders biometric access control systems advantageous in highlysensitive applications where security is paramount. If a user has tolock a computer every time they step away from the machine, and thenunlock it every time they come back, it is highly likely that they willleave the computer unlocked and unattended at least once. If the lockingand unlocking happens automatically without any need for intervention bythe user, the security of the system will be much improved.

U.S. Pat. No. 6,111,517 to Atick et al. describes a system where thebiometric identification is continuous—the computer continuouslyidentifies the user's face as the user uses the computer, and locks thecomputer when the user steps away from the machine or is replaced by adifferent user. While this is optimal for maintaining proper computersecurity, the reason that such systems are not yet in wider use is thatthey are very resource-intensive. Face recognition is a complex anddifficult task, involving a lot of complicated calculations; otherbiometric recognition systems, such as iris recognition, are equallydifficult. The Atick system has to continuously monitor the camera'sfield of vision to be able to detect unauthorized users. This takes upcomputer resources that could otherwise be used for the computer'snormal applications. Also, the resource-intensive nature of the systemmeans that it cannot be used on less-powerful computing devices such assmartphones, or built into a video camera.

One other issue associated with existing biometric facial-recognitionsystems, or other systems that solely rely on visual information, isthat they are easy to fool by holding a photo of an authorized user infront of the camera.

Finally, many biometric systems rely on fingerprints or other actionsthat require touching, which can transmit disease from user to user.

A need therefore exists for a continuous biometric identification systemthat is less resource-intensive than prior art systems, that istouch-free, that does not require to be running continuously in order tobe effective, and that can tell the difference between a photo of a userand a real living user.

SUMMARY OF THE INVENTION

Therefore, the object of the present invention is to provide a systemand method for automatically locking or unlocking a computer system,smartphone, tablet, or any other computing device, by performing abiometric identification of any people in front of the camera only whenmotion is detected in front of the camera.

Another object of the present invention is to provide a touch-freesystem and method for locking and unlocking a computing device, to avoiddisease transmission.

Another object of the present invention is to provide a system forcontinuous biometric user identification that uses minimal computerresources to run.

Another object of the present invention is to provide a system fordetermining whether a face or iris in front of the computing device is aliving user or a photo of a user.

Another object of the present invention is to provide a system forcontinuous biometric user identification that is only triggered whenmotion is detected in the field of view.

Another object of the present invention is to provide a method ofelectronic authentication of a document using biometrics.

For purposes of the present disclosure, a “computing device” is anycomputer, netbook, smartphone, tablet, e-reading device, mobileterminal, or other device that may require access to be limited toauthorized users.

The system of the present invention regulates access to a computingdevice using a motion detector, an image capturing device, a facedetection module, a liveness detection module, and a biometric analyzer.All of these elements except for the motion detector are deactivateduntil they are triggered, and deactivate immediately after performingtheir respective functions. The motion detector triggers the imagecapturing device when it detects motion. The image capturing devicecaptures an image of the area in front of the computing device, triggersthe face detection module, and deactivates. The face detection moduleanalyzes the image to determine if any faces are present, triggers theliveness detection module if any faces are present, and deactivates (ifno faces are present, the liveness detection module is not triggered).The liveness detection module determines if the faces in the image arealive, triggers the biometric detection module if at least one livingface is present, and deactivates (if no living faces are present, thebiometric detection module is not triggered). The biometric detectionmodule identifies any living faces present in the image and unlocks thecomputing device if all the people identified are authorized users. Ifany person identified by the biometric detection module is not anauthorized user, the computing device is locked, or remains locked.

In an embodiment, in addition to locking the computing device, thesystem may also disconnect it from the Internet or from a local network.The system may also disconnect any peripherals such as a keyboard, amouse, or a USB port.

The biometric analysis may be facial analysis, retinal scan analysis, orany other analysis that is capable of identifying a person from animage.

The face detection may be performed by using the eigenvector method.

The liveness detection may be performed by micromovement analysis,infrared sensing, or both.

LIST OF FIGURES

FIG. 1 shows an embodiment of the system of the present invention.

FIG. 2 shows a flowchart for an embodiment of the method of the presentinvention.

FIG. 3A shows a screenshot of the preferred embodiment of the loginscreen of the system of the present invention.

FIG. 3B shows a screenshot of the preferred embodiment of theidentification screen of the system of the present invention.

FIG. 3C shows a screenshot of the preferred embodiment of the lockedscreen of the system of the present invention.

FIG. 4A shows a screenshot of the preferred embodiment of theadministrator access screen of the system of the present invention.

FIG. 4B shows a screenshot of the preferred embodiment of the new userinput screen of the system of the present invention.

FIG. 4C shows a screenshot of the preferred embodiment of the screenwhere the new user images are captured and saved of the system of thepresent invention.

FIG. 5A shows a screenshot of a settings screen in the system of thepresent invention where the auto time-out period is set.

FIG. 5B shows a screenshot of a settings screen in the system of thepresent invention where the security level setting is set.

FIG. 5C shows a screenshot of a settings screen in the system of thepresent invention where motion tracking is turned on or off.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

In its preferred embodiment, the system of the present inventioncomprises an imaging device 100, a motion detection module 110, a facedetection module 120, a liveness detection module 130, and a biometricidentification module 140, as shown in FIG. 1. The face detectionmodule, liveness detection module, and biometric identification modulemay be wholly or in part implemented as software on the processor of thecomputing device; in another embodiment, the motion detection module,imaging device, face detection module, liveness detection module, andbiometric identification module may all be parts of a separate devicedistinct from the computing device.

The imaging device is preferably a camera, but may also be a retinascanning device or any other imaging device that can be used to acquireimages used for biometric identification, and to acquire them passivelywithout active user involvement. The imaging device is preferably aimedin such a way as to capture images of the area in front of the computingdevice, where a user would be located when using a computing device, andfocused in such a way as to capture sharp, focused images at thedistance at which a user is typically located when using the computingdevice.

In an embodiment, the built-in camera of the computing device may beused as the imaging device. In another embodiment, a separate camera maybe used as the imaging device. The minimum parameters required of such acamera are preferably a still-image resolution of 3.0 megapixels orhigher, video capture of 1280×720 pixels for lifelike detail and motion,and a VGA image sensor with RightLight technology or a similartechnology, to provide sharp images even in dim light. The camerapreferably has a USB 2.0 or higher connectivity.

The motion detection module may be a separate device from the camera, toavoid the excess power consumption and processing burden associated withcontinuous camera activation. In that aspect of the invention, themotion sensor may be an infrared sensor or a low-resolution camera orany other commercially available motion sensor.

In an embodiment, the motion detection module is part of the imagingdevice itself, and software is used to detect motion. In thatembodiment, the only software module that is continuously active is themotion detection module.

When the motion detector detects motion, the imaging device is triggeredto take an image. The imaging device is then immediately deactivated toconserve resources. If no motion is detected, the imaging device staysdeactivated and all the other modules of the present invention are alsodeactivated. The period of time between taking the image anddeactivation may be less than 1 millisecond, between 1 millisecond and ½second, or between ½ second and 1 second.

After the imaging device takes an image, it is then transmitted to theface detection module. The face detection module may be implemented as asoftware program running on the processor of the computing device, or asa software program running on a separate processor. The face detectionmodule is configured to analyze an image to determine whether or not aface is present in that image. If a face is present, the livenessdetection module is then triggered to determine whether or not the faceis alive (as opposed to being a photograph or a model). If no face ispresent, the face detection module is deactivated and the system isinactive until the next time the motion detector detects motion. If aface is present, the face detection module is deactivated after theimage is analyzed. The period of time between analysis completion anddeactivation may be less than 1 millisecond, between 1 millisecond and ½second, or between ½ second and 1 second.

The face detection module preferably uses pattern recognition methods todetermine whether a face is present in an image. Some of these patternrecognition methods are known as eigenvectors face recognitiontechnology where the neural networks are used to recognize the facethrough learning correct classification of the coefficients calculatedby the eigenface algorithm. The network is first trained on the picturesfrom the face database, and then it is used to identify the facepictures given to it. Other pattern recognition methods may also beused, such as local binary patterns histograms, three-dimensionalrecognition, linear discriminant analysis, elastic bunch graph matchingusing the FisherFace algorithm, the hidden Markov model, multilinearsubspace learning using tensor representation, and neuronal motivateddynamic link matching. It is to be understood that any other facerecognition method may also be used to practice the present invention,and that it is not limited to any of the above described or belowdescribed methods.

In an embodiment, the face detection module uses the “eigenface” methodto determine whether or not a face is present in the image. To performthe method, a training set of face images is first provided; thepictures constituting the training set are normalized to have the eyesand mouths aligned, resampled to a common pixel resolution, and takenunder the same lighting conditions. Each image is treated as one vector,and all the images are stored as a single matrix T. The average image ais then calculated and subtracted from each original image in T. Then,the eigenvectors and eigenvalues of the covariance matrix S arecalculated. Each eigenvector has the same dimensionality as the originalimages and can itself be seen as an image. The image taken by theimaging device is then projected onto the collection of eigenvectors,and if the image is similar to one or more of the “eigenfaces”, it isconsidered to contain a face. Eigenfaces are eigenvectors of covariancematrix, representing given image space. Any new face image can then berepresented as a linear combination of these Eigenfaces. This makes iteasier to match any two given images and thus perform a face recognitionprocess.

In an alternate embodiment, other face detection methods are used, suchas “fisherfaces”, which uses linear discriminant analysis, or the activeappearance model, which uses an active shape model to describe theoutline of a face. Principal component analysis is then used to form abasis set of models that encapsulate the variation of different faces.

If the face detection module detects an image of a face, the livenessdetection module is triggered next. The liveness detection module isintended to distinguish between a living face and a photograph of aface, to prevent an unauthorized user from gaining access to thecomputing device by using a photograph or 3D model of the face of anauthorized user.

In the preferred embodiment, as illustrated in FIG. 1, the livenessdetection module uses a two-step process to determine whether or not theface in the image is a living face. The first step is infrared facedetection (determining whether the face is emitting infrared radiation).The second step is detection of micromovements of the face. Both stepswill be discussed in greater detail hereinbelow. In alternateembodiments, only one of these steps may be used.

The liveness detection module may perform infrared face detection todetermine whether or not the face in the image is emitting infraredradiation. This is preferably done by an infrared sensor. For livinghuman faces, the temperature of the face generally stays within a narrowrange from approximately 35.5° C. to approximately 37.5° C. Detectingthis temperature will help the liveness detection module determine thatthe face in front of it is a living face and not a still photograph. Itwill be noted that the infrared sensor, in this embodiment, is only usedfor temperature determination and not for facial identification; in thepreferred embodiment, the liveness detection module does not take aninfrared image of the face—it simply determines the temperature of theface identified by the face detection module. In an alternateembodiment, the liveness detection module does take an infrared image ofthe face, to provide greater detail about the infrared pattern andgreater certainty that the face in front of the computing device isalive. In that embodiment, an infrared pattern that does not match atypical face is rejected and the liveness detection module identifiesthat the face in front of the computing device is not a living face.

If the infrared face detection identifies a living face, the livenessdetection module then performs a micromovement analysis on the face. Todo that, the relative movements of various points on the face areanalyzed. The imaging device may take a short video recording of theface, or may take at least two images of the face, to determine if anymicromovements occur. In an embodiment, the video can be 10-20 frameslong, but any length of video may be used for practicing the presentinvention. After the video or images are taken, the liveness detectionmodule identifies certain key points on the face—for example, eyelids,pupils, nostrils, lips, or any other key points that can move withrelation to other points. The movement of each point with respect to theother points is then analyzed. If there is no relative movement of keypoints with respect to each other, it is likely that the face is notalive. A living face is likely to have relative movement of key pointswith respect to each other—for example, the eyelids may move, the pupilsmay move, the lips may move, or the entire face may shift position andslightly turn, changing the relative position of the key points. If nomicromovements occur, the liveness detection module reports that theface is not alive. If micromovements occur, the liveness detectionmodule reports that the face is alive. After the analysis is performed,the liveness detection module deactivates.

If the liveness detection module does not detect a living face, all theelements shut down except for the motion detector. If it does detect aliving face, it triggers the biometric identification module toactivate. The biometric identification module then determines whether ornot an authorized user is present.

While the preferred embodiment of the invention uses face recognitionfor biometric identification, this is not the only way in which thebiometric identification may be performed. The biometric identificationmodule may use any form of visual biometric identification to identifythe user, such as face recognition, iris recognition, or key strokerecognition. The biometric identification module may use the image takenby the imaging device to perform the identification or may trigger theimaging device or a separate imaging device to take an additional imagefor biometric identification purposes. The biometric identificationmodule is then deactivated until the next time it is triggered.

Once all the people in front of the computing device are identified, thesystem determines whether or not each person is an authorized user. Ifall of the persons are authorized users, the computing device isunlocked (or stays unlocked). If at least one person is an unauthorizeduser, the computing device is locked (or stays locked). The imagingdevice, the face detection module, the liveness detection module, andthe biometric identification module then stay deactivated until the nexttime that motion is detected.

The system of the present invention can be installed on the computersystem or other entity that needs to be secured, a different computersystem, or within the imaging device itself. The motion detection module(whether a dedicated module or motion detection software) detects anymotion in front of the computing device, and may comprise a dedicatedmotion sensor such as an infrared sensor or infrared sensing software,or may use the imaging device itself. If no motion is detected, the facedetection module, liveness detection module, and biometricidentification module are inactive and use no resources, and thecomputer system stays locked, or unlocked, as the case may be. If motionis detected in front of the imaging device, the imaging device istriggered to receive an image, and the face detection module, livenessdetection module, and biometric identification module are activated andidentify any person or persons in the image. The imaging device, facedetection module, liveness detection module, and biometricidentification module are then immediately deactivated after use toconserve resources.

Facial identification is more difficult in field conditions, such asoutdoors or on a factory floor, than it is in normal office or homeconditions, due to differences in lighting. In an embodiment, the systemof the present invention comprises a second camera used to receiveinfrared images and an infrared emitting device to provide infraredillumination. The infrared camera may also be used for livenessdetection in that embodiment of the invention.

The system of the present invention may be implemented as software,using the computing device's built-in camera for both the motiondetection and the biometric user recognition; or it may be implementedpartially or entirely as hardware, including its own dedicated camera,an optional infrared camera, and dedicated modules for motion detection,face detection, liveness detection, and biometrics built into thecamera. In an embodiment, the system of the present invention isimplemented as a separate device that comprises all the elements of thesystem of the present invention—the camera, the motion detection module,the face detection module, the liveness detection module, and thebiometric identification module, and a processor that allows theseelements to function. In that embodiment, the system of the presentinvention is connected to a computing device using a USB port; if theUSB connection is broken, the computing device locks automatically.

FIG. 2 shows a diagram of the preferred embodiment of the method of thepresent invention. Initially, the user turns on the computing device200. FIG. 3A shows a screenshot of the login screen that the user seeswhen the computing device is turned on, in an embodiment of the presentinvention. When the computing device is first turned on, the user isidentified by means of biometrics 210 and the user's biometricparameters are stored in the computing device or elsewhere. FIG. 3Bshows a screenshot of the identification screen showing the user asRECOGNIZED and the terminal as UNLOCKED. The camera and biometricidentification system are then turned off, and the computing devicestays unlocked 220 until motion is detected in front of the camera, orthe selected time interval is reached. The user can then use thecomputing device without the biometric identification system putting anadditional load on its resources.

When motion is detected in front of the camera 230, the camera isactivated. The camera is triggered to receive at least one image 240,and triggers the face detection module to determine if a face is presentin the image 250. The camera then deactivates. If the face detectionmodule determines that a face is present in the image, the livenessdetection module is triggered to determine if the face is alive 260. Theface detection module then deactivates. If the liveness detection moduledetermines that the face is alive, the biometric identification moduleis triggered to identify any people in the image 270. If the only personin the image is the user whose biometric parameters are stored in thecomputing device (i.e. the same person as the person who originallylogged into the computer), the computing device remains unlocked. If anyother person is detected in the image, the computing device is locked280. The biometric identification module and the camera are then turnedoff. The motion detector stays turned on. FIG. 3C shows a screenshot ofthe locked screen of the preferred embodiment of the present invention.

If the computing device is locked 280, the system waits for motion to bedetected in front of the camera. When that happens, the system triggersthe camera to receive at least one image, which triggers the facedetection module to identify any faces in the image, which triggers theliveness detection module to determine if the faces are alive, whichtriggers the biometric identification module to identify any people inthe image. If the only person in the image is the user who originallylogged into the computer, the computing device is unlocked. If any otherpeople are present in the image, the computing device stays locked.

At any point, if a module returns a negative result—i.e. the facedetection module does not detect any faces, or the liveness detectionmodule does not detect any living faces—the system is deactivated exceptfor the motion detector and is only triggered again when motion happensin front of the motion detector.

When the user logs off from the computing device, the computing deviceis locked and the system waits for the next user to log in.

In other embodiments of the method, the computing device may bedisconnected from the Internet when it is locked, or may remain unlockedbut may be disconnected from the Internet when any person other than theauthorized user is present in front of the camera.

In an embodiment of the invention, all or some of the computing deviceperipherals may be disconnected when the computing device is locked. Theperipherals may be input devices, such as a mouse, keyboard, microphone,or read-only memory; output devices, which provide output from thecomputer, such as a monitor, projector, printer, or speaker; orinput/output devices, such as a data storage device, network adapter, ormulti-function printer. The peripherals may also include ports such as aUSB port for connecting a data storage device to the computer, or a HDMIport for connecting an external monitor. In an embodiment of theinvention, all of these peripherals are disconnected when the computingdevice is locked. This prevents situations in which an unauthorized userconnects a flash drive or similar memory module to a locked computingdevice to gain access or to copy files from the computing device, orgains access to a locked computing device by means of an input devicesuch as a keyboard or mouse. The peripherals are preferably locked byperipheral device management services where the input/output of theperipherals, ports and physical devices can be locked or unlocked. Thisprovides for a seamless and more controllable management of theresources.

FIGS. 4A-4C show screenshots of the process used to enroll a new userinto the system in the preferred embodiment of the present invention.FIG. 4A shows a screen where the administrator enters their username andpassword prior to getting access to the system. FIG. 4B shows a screenwhere the administrator enters a new user's information and any personaldetails required to create an account. FIG. 4C shows a screen where thenew user's facial images are captured and saved. As is shown in thescreenshot, the user is encouraged to move their head and face from sideto side and up/down and to make different facial expressions, andmultiple images are preferably taken. Once the desired images arecaptured and saved, the administrator clicks the “Accept” button to savethe images into the authorized user facial library. This facial libraryis preferably stored on a server connected to the computing devicethrough a secure wired or wireless connection, but may also be stored onthe computing device itself.

FIGS. 5A-5C show the settings screen in the preferred embodiment of thepresent invention. A user can set an “auto time-out” period when thecomputing device automatically locks after a period of inactivity, asshown in FIG. 5A. FIG. 5B shows the security level setting—a user canset a Low, Medium, or High security level. The higher the securitylevel, the more detailed the face-recognition process; this reduces thefalse-acceptance rate (errors where an unauthorized user ismisidentified as an authorized user and granted access), but increasesthe false-rejection rate (errors where an authorized user ismisidentified as an unauthorized user and denied access). FIG. 5C showsthe motion tracking screen. A user can turn off motion tracking ifmotion-detection is not needed for a particular application or timeperiod.

The system and method of the present invention may be implemented on anycomputing device to which a camera may be connected, or which comprise acamera or any other imaging device. Such computing devices includesmartphones, tablets, laptops, netbooks, e-reading devices, desktops,workstations, terminals, and any other devices that require secureaccess control.

Exemplary embodiments are described above. It will be understood thatthe invention is not limited to those exemplary embodiments, but islimited only by the appended claims.

The invention claimed is:
 1. A touch-free system for regulating accessto a computing device, comprising: a motion detector; an image capturingdevice, wherein the image capturing device is configured to captureimages; a face detection module, wherein the face detection module isconfigured to analyze images captured by the image capturing device,wherein the face detection module is configured to determine if at leastone human face is present in an image captured by the image capturingdevice; a liveness detection module, wherein the liveness detectionmodule is configured to determine if a face present in front of thecomputing device is alive; a biometric analyzer, wherein the biometricanalyzer is configured to identify any person present in front of thecomputing device; a memory storing a biometric representation of atleast one authorized user; at least one peripheral device; wherein themotion detector operates whether the computing device is locked orunlocked; wherein the computing device is locked and the at least oneperipheral device is disconnected whenever the biometric analyzerdetects that at least one of the people in front of the computing deviceis not an authorized user; wherein the computing device is unlocked andthe at least one peripheral device is connected whenever the biometricanalyzer detects that all of the people in front of the computing deviceare authorized users; wherein the image capturing device, face detectionmodule, liveness detection module, and biometric analyzer aredeactivated until they are triggered; wherein the motion detectortriggers the image capturing device; wherein the image capturing devicetriggers the face detection module when an image is captured; whereinthe face detection module triggers the liveness detection module when aface is detected in an image; wherein the liveness detection moduletriggers the biometric analyzer when the liveness detection moduledetermines that a face present in front of the computing device isalive; wherein the image capturing device is deactivated after an imageis captured; wherein the face detection module is deactivated after itdetermines whether or not a face is present in an image; wherein theliveness detection module is deactivated after it determines whether ornot a face present in front of the computing device is alive; whereinthe biometric analyzer is deactivated after it identifies any personpresent in front of the computing device.
 2. A touch-free system forregulating access to a computing device, comprising: a motion detector;an image capturing device, wherein the image capturing device isconfigured to capture images; a face detection module, wherein the facedetection module is configured to analyze images captured by the imagecapturing device, wherein the face detection module is configured todetermine if at least one human face is present in an image captured bythe image capturing device; a liveness detection module, wherein theliveness detection module is configured to determine if a face presentin front of the computing device is alive; a biometric analyzer, whereinthe biometric analyzer is configured to identify any person present infront of the computing device; a memory storing a biometricrepresentation of at least one authorized user; at least one USB port;wherein the motion detector operates whether the computing device islocked or unlocked; wherein the computing device is locked and the atleast one USB port is disconnected whenever the biometric analyzerdetects that at least one of the people in front of the computing deviceis not an authorized user; wherein the computing device is unlocked andthe at least one USB port is connected whenever the biometric analyzerdetects that all of the people in front of the computing device areauthorized users; wherein the image capturing device, face detectionmodule, liveness detection module, and biometric analyzer aredeactivated until they are triggered; wherein the motion detectortriggers the image capturing device; wherein the image capturing devicetriggers the face detection module when an image is captured; whereinthe face detection module triggers the liveness detection module when aface is detected in an image; wherein the liveness detection moduletriggers the biometric analyzer when the liveness detection moduledetermines that a face present in front of the computing device isalive; wherein the image capturing device is deactivated after an imageis captured; wherein the face detection module is deactivated after itdetermines whether or not a face is present in an image; wherein theliveness detection module is deactivated after it determines whether ornot a face present in front of the computing device is alive; whereinthe biometric analyzer is deactivated after it identifies any personpresent in front of the computing device.
 3. A method for regulatingaccess to a computing device, comprising: storing a biometricrepresentation for at least one authorized user; detecting motion nearthe computing device; activating an image capturing device when motionis detected; triggering the image capturing device to capture an imagewhen motion is detected; deactivating the image capturing device afterthe image is captured; triggering a face detection module when an imageis captured; using the face detection module to detect whether or not aface is present in the image; deactivating the face detection module;triggering a liveness detection module when the face detection moduledetermines that a face is present in the image; using the livenessdetection module to detect whether or not the face is alive;deactivating the liveness detection module; triggering a biometricanalysis module when the liveness detection module detects that the faceis alive; using the biometric analysis module to identify any people inthe image; using the biometric analysis module to determine whether eachperson in the image is an authorized user; deactivating the biometricanalysis module after each person in the image is determined to be ornot be an authorized user; and further comprising: if each person in theimage is an authorized user, and the computing device is disconnectedfrom the Internet, connecting the computing device to the Internet; ifeach person in the image is an authorized user, and the computing deviceis connected to the Internet, leaving the computing device connected tothe Internet; if at least one person in the image is not an authorizeduser, and the computing device is disconnected from the Internet,leaving the computing device disconnected from the Internet; if at leastone person in the image is not an authorized user, and the computingdevice is connected to the Internet, disconnecting the computing devicefrom the Internet.
 4. A method for regulating access to a computingdevice, wherein the computing device comprises at least one peripheraldevice, comprising: storing a biometric representation for at least oneauthorized user; detecting motion near the computing device; activatingan image capturing device when motion is detected; triggering the imagecapturing device to capture an image when motion is detected;deactivating the image capturing device after the image is captured;triggering a face detection module when an image is captured; using theface detection module to detect whether or not a face is present in theimage; deactivating the face detection module; triggering a livenessdetection module when the face detection module determines that a faceis present in the image; using the liveness detection module to detectwhether or not the face is alive; deactivating the liveness detectionmodule; triggering a biometric analysis module when the livenessdetection module detects that the face is alive; using the biometricanalysis module to identify any people in the image; using the biometricanalysis module to determine whether each person in the image is anauthorized user; deactivating the biometric analysis module after eachperson in the image is determined to be or not be an authorized user;and further comprising: if each person in the image is an authorizeduser, and the at least one peripheral device is disconnected, connectingthe computing device to the at least one peripheral device; if eachperson in the image is an authorized user, and the at least oneperipheral device is connected, leaving the computing device connectedto the at least one peripheral device; if at least one person in theimage is not an authorized user, and the at least one peripheral deviceis disconnected, leaving the computing device disconnected from the atleast one peripheral device; if at least one person in the image is notan authorized user, and the at least one peripheral device is connected,disconnecting the computing device from the at least one peripheraldevice.
 5. A method for regulating access to a computing device, whereinthe computing device comprises at least one USB port, comprising:storing a biometric representation for at least one authorized user;detecting motion near the computing device; activating an imagecapturing device when motion is detected; triggering the image capturingdevice to capture an image when motion is detected; deactivating theimage capturing device after the image is captured; triggering a facedetection module when an image is captured; using the face detectionmodule to detect whether or not a face is present in the image;deactivating the face detection module; triggering a liveness detectionmodule when the face detection module determines that a face is presentin the image; using the liveness detection module to detect whether ornot the face is alive; deactivating the liveness detection module;triggering a biometric analysis module when the liveness detectionmodule detects that the face is alive; using the biometric analysismodule to identify any people in the image; using the biometric analysismodule to determine whether each person in the image is an authorizeduser; deactivating the biometric analysis module after each person inthe image is determined to be or not be an authorized user; and furthercomprising: if each person in the image is an authorized user, and theat least one USB port is disconnected, connecting the computing deviceto the at least one USB port; if each person in the image is anauthorized user, and the at least one USB port is connected, leaving thecomputing device connected to the at least one USB port; if at least oneperson in the image is not an authorized user, and the at least one USBport is disconnected, leaving the computing device disconnected from theat least one USB port; if at least one person in the image is not anauthorized user, and the at least one USB port is connected,disconnecting the computing device from the at least one USB port.